this post was submitted on 23 Oct 2024
42 points (100.0% liked)

Cybersecurity

5683 readers
7 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
top 20 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 3 weeks ago (2 children)

Here's the scope of it

A National Institute of Standards and Technology (NIST) advisory on the bug describes it as "an issue [that] was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, and W920." A use-after-free bug in the mobile processor ultimately leads to privilege escalation, the agency added.

[–] [email protected] 3 points 3 weeks ago

Its a good thing people already knew Exynos sucks. Made me steer well clear of those chips.

[–] [email protected] 1 points 3 weeks ago (1 children)

Looks like they're mainly used in Galaxy S phones and tables...

[–] [email protected] 0 points 3 weeks ago

The bootloader is locked for your own good, boy!

[–] [email protected] 4 points 3 weeks ago* (last edited 3 weeks ago) (3 children)

Urrg! I have one of those CPUs. (Exynos 9820) I don't want to upgrade with an expensive new phone. I get no longer security updates.

[–] [email protected] 2 points 3 weeks ago

Ugh, I'm in the same boat. s10e, I have zero complaint other than the EOL security update. Bought it 2nd hand two years ago.

There's nothing in the market with similar price with the spec and size of my current phone.

[–] [email protected] 1 points 3 weeks ago (1 children)

Lineage might extend that life a little bit

[–] [email protected] 1 points 3 weeks ago (1 children)

I'd try it, but this is essentially an emergency signalling device and not something I'd like to render inoperable.

[–] [email protected] 1 points 3 weeks ago* (last edited 3 weeks ago)

Certainly understandable. Wouldnt risk it on my current main device either. Only on a future new or old backup phone

[–] [email protected] -2 points 3 weeks ago (2 children)

Pixel and grapheneos...

About as good as normie can get currently

Buy used to dent google direct profit and it is cheaper

[–] [email protected] 3 points 3 weeks ago (1 children)

Pixel phones can have hardware quality issues. Samsung arguably makes the best hardware. Their cameras and screens have always been way ahead of every other phone.

[–] [email protected] 1 points 3 weeks ago

I have heard about that. Samsung prolly does have better quality but their US models got locked bootloaders and theu dont really get any support from calyx and graphene, so i cant recommend them.

As idiotic as it is, googles phone is the besy choice if you are privacy/security first type

[–] [email protected] 1 points 3 weeks ago (2 children)

My banking app sadly doesn't work on a rooted phone.

[–] [email protected] 2 points 3 weeks ago

Grapheneos isn't rooted by default, and they recommend re-locking the bootloader after installing it, so most banking apps work.

[–] [email protected] 1 points 3 weeks ago (1 children)

Custom roms dont require rooting. It is a bad security practice and not necessary.

GrapheneOS uses sandboxed google play store and most banking apps work fine with exception like CashApp and other bankspy type shops.

[–] [email protected] 1 points 3 weeks ago (2 children)

Is there a confirmed list of apps that will not function in Graphene? I searched around, and all I get is "some bank apps dont work" but your the first I see mention cashapp specifically. I could probably work around Cashapp, but I'd at least need zelle/venmo etc. Due to my credit union app more than likely not being compatible.

I really want to move to the platform, but I don't currently have a Pixel, so I can't just try it out. Before going out, buying a Pixel, loading Graphene and finding out I can't use my banking app or the very least the other money apps I'd just like a heads up.

In the end if I need a backup phone then so be it.

[–] [email protected] 4 points 3 weeks ago (1 children)
[–] [email protected] 2 points 3 weeks ago

Almost. It doesn't list cashapp, venmo, zelle. I use a local credit union, so my bank app would likely never be listed.

Maybe I just keep an eye out for a cheap Pixel and just try it.

[–] [email protected] 2 points 3 weeks ago (1 children)

I think there lists out there but i never seen them, maybe somebody can post.

My friend tried the switch and cashapp was deal breaker for him so thats how i know.

It is trial and error and my understanding, some banks are actively working to brick custom roms

Cash app used to work according to reddit posts i saw.

I am abit more hardcore about it. If bank fucks around, i will fucking move. I know we cant exepct most people to do this.

But with privacy/security first mentality it is doable.

[–] [email protected] 2 points 3 weeks ago

I am abit more hardcore about it. If bank fucks around, i will fucking move.

Thank you. That's someone willing to make a change.